The CEMA stands for Cyber and Electromagnetic Activities and is part of the Ministry of Defence. This company was created in July 2021 to strengthen the Royal Netherlands Army. The CEMA company can also support attacks by units in the digital and electromagnetic spectrum. To introduce people to the company, a 'Capture The Flag' event was held in December in the form of an advent calendar, where a challenge was released each day.
The challenges call on a wide range of skills from the students:
- Cryptography: the aim here is to crack or clone cryptographic objects or algorithms,
- Forensics: forensic challenges often have a media focus and consist of file format analysis, steganography, memory dump analysis and network packet capture analysis,
- Web: this type of challenge focuses on finding and exploiting vulnerabilities in web applications,
- Binary exploitation: binary exploitation involves exploiting a bug or vulnerability to unintentionally perform other tasks in an application,
- Reverse engineering: converting machine code/byte code into a readable format to understand a particular program and identify deeper problems,
- Programming: writing a script or program, to communicate something to, for example, a server and execute something,
- OSINT: using open source information sources to track down something or someone.
ATP013: Team Tilburg
During the competition, the aim was to compete against each other by solving CTF's (capture the flag's). Teams earn points by hacking and decoding files to find flags that are encrypted, hidden or hard to find. The Tilburg team, named ATP013, bravely took the lead in the rankings. The win was close, according to Mario van Hoppe, Cyber Security student at Fontys Hogeschool ICT: "We managed to solve the challenges quickly every day, but as the new year approached, they became increasingly difficult. On the last day, the winning team was just faster than our team in the final challenge. We did learn a lot from the event and working together on challenges until the wee hours of the morning was well worth it!"
CEMA Challenge 2022
Also this year, CEMA is organising a new CFT challenge. Van Hoppe recommends students to participate: "We learned a lot about what exactly CEMA does. If you are interested in cyber security, you should definitely do it. We gained a lot of connections within CEMA, but also with people from other cyber security companies.